Published: 15/02/2013 Updated: 18/02/2013

CVSS v2 Base Score: 6.8 | Impact Score: 6.4 | Exploitability Score: 8.6

VMScore: 605

Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P

Multiple cross-site request forgery (CSRF) vulnerabilities in the server in Cisco Unified MeetingPlace prior to 7.1(2.2000) allow remote malicious users to hijack the authentication of unspecified victims via unknown vectors, aka Bug ID CSCuc64903. NOTE: some of these details are obtained from third party information.

Vulnerable Product	Search on Vulmon	Subscribe to Product
cisco unified meetingplace 5.4
cisco unified meetingplace 6.1
cisco unified meetingplace
cisco unified meetingplace 6.0
cisco unified meetingplace 7.0
cisco unified meetingplace 7.0.2
cisco unified meetingplace 7.0.1
cisco unified meetingplace 7.0.3

Cisco Unified MeetingPlace Server contains a vulnerability that could allow an unauthenticated, remote attacker to conduct cross-site request forgery attacks The vulnerability is due to insufficient sanitization of user-supplied input processed by the Cisco Unified MeetingPlace software An unauthenticated, remote attacker could exploit this vul ...

CWE-352 http://tools.cisco.com/security/center/viewAlert.x?alertId=28217 http://tools.cisco.com/security/center/content/CiscoSecurityNotice/CVE-2013-1128 http://secunia.com/advisories/52194 https://nvd.nist.gov http://tools.cisco.com/security/center/content/CiscoSecurityAdvisory/Cisco-SA-20130213-CVE-2013-1128

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2013-1128

Vulnerability Summary

Vendor Advisories

References

Vulmon Search

About

Products

Connect